Multiple vulnerabilities in PHPShop CMS Free

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PHPShop CMS Free, which can be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-Site Scripting in PHPShop CMS Free 1.1 Input appended to the URL after multiple files is not properly...

Musicbox SQL Injection and Cross Site Scripting Vulnerabilities

Musicbox is prone to SQL injection and cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Active Directory Certificate Services Web Enrollment Elevation of Privilege Vulnerability (2518295)

This host is missing an important security update according to Microsoft Bulletin MS11-051. OpenVAS Vulnerability Test $Id: secpodms11-051.nasl 5362 2017-02-20 12:46:39Z cfi $ Active Directory Certificate Services Web Enrollment Elevation of Privilege Vulnerability 2518295 Authors: Veerendra GG...

Cross-site Request Forgery (CSRF) in Plogger

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Plogger which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerability in Plogger The vulnerability exists due to insufficient validation of the request...

Cross-site Request Forgery (CSRF) Vulnerabilities in Pragyan CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pragyan CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in Pragyan CMS 1.1 The vulnerability exists due to insufficient validation of...

Cross-site Scripting (XSS) Vulnerabilities in odCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in odCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in odCMS 1.1 The vulnerability exists due to input sanitation error in the "content" parameter in...

access2asp XSS vuln.

access2asp XSS vuln. Vuln. discovered by : r0t Date: 22 June 2007 vendor:http://www.access2asp.com/ orginal advisory: http://pridels-team.blogspot.com/2007/06/access2asp-xss-vuln.html affected versions: access2asp v4.5 and prior access2asp contains a flaw that allows a remote Cross-Site Scripting...

[SA23733] Fastilo "p" Cross-Site Scripting Vulnerability

TITLE: Fastilo "p" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA23733 VERIFY ADVISORY: http://secunia.com/advisories/23733/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Fastilo 2.x http://secunia.com/product/13222/ DESCRIPTION: David Sopas has...

PHPMyDirectory 10.1.3 - review.php Multiple Cross-Site Scripting Vulnerabilities

PHPMyDirectory 10.1.3 - review.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12900/info phpMyDirectory is prone to a cross-site scripting vulnerability. The problem presents itself when malicious HTML and script code is sent to the application through...